Please note, MISTI is in the process of changing our payment details. Please contact us for further details and on ways to pay at misti@misti.com or +44 (0) 203 819 0800. We are sorry for any inconvenience.

How to Proactively Hunt for Cyber Threats

By Marcos Colón

| April 12, 2018

The relationship between security professionals and threat actors can best be described as a cat and mouse game. Yes, security technology is continually evolving in an attempt to stay ahead of threats, but the challenge is monumental given how adversaries can quickly pivot and update their tools.

When you consider malware detection, the fundamental approach involves security practitioners laying down traps for the bad guys - much like everyone’s favorite cartoon cat Tom did when he was after the cute and smart little Jerry. But it’s a much more severe scene when you take into account what’s at stake for businesses, enterprises, and consumers today.

While the traditional malware detection is useful, it’s also one step behind threat actors. Those “traps” have to be continuously customized to match the evolution of malware, Giovanni Vigna, a professor at UC Santa Barbara’s Computer Science Department and co-founder of Lastline, told InfoSec Insider in a recent interview.

“We continuously have to modify these traps, from a mousetrap to a lion trap, to a bear trap,” Vigna told InfoSec Insider at the recent InfoSec World Conference & Expo in Orlando, Florida. “This requires a lot of human involvement, which is very expensive, [and] eventually we’ll be at a disadvantage in this arms race. They can always come up with a new animal for which we don’t have a trap.”

What’s the answer? Vigna believes it’s time for security practitioners to get proactive.

In the full video interview below, Vigna discusses why security professionals should consider a proactive threat hunting model, and outlines how they can begin to take that approach.

Quick Links

MIS Training Institute is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org.